Hello all, Last week I warned about a new zero-day in Microsoft SharePoint on-premises that had just become public knowledge. It escalated quickly, not necessarily with threat actor activity, but with news articles and cyber professionals everywhere urging action. With…
Hello all, What started out as a somewhat quiet week, with only one nasty item early on from Google Chrome, escalated slowly with the last few days bringing reveals of multiple critical and high-severity vulnerabilities in products by Cisco, CrushFTP,…
Hello all, The United States of America turned 249 on Friday. Hopefully, all of our US based readers still have all of their digits and have recovered most of their hearing from the celebratory fireworks, both public and private. Speaking…
Hello all, As we close out the first half of the year, there were a number of new vulnerability and defects revealed that need attention. We must stay diligent to remediate, patch, and mitigate these issues as they arise. On…
Hello all, With the Patch Tuesday onslaught coming next week, I was happy to see that this was another somewhat quiet week as far as vulnerabilities and zero-day reveals are concerned. Last month I was quite wrong in my prediction…
Hello all, Surprisingly, it was a quiet week as far as major vulnerabilities and reveals are concerned. I suspect that the juicy stuff is being held back so that it can be revealed at the RSA conference that starts on…
Hello all, I was expecting a quieter week, but I was surprised by how many serious vulnerabilities were revealed, and about the drama surrounding MITRE and their CVE contract, spawning at least two new numbering authority prospects in response. I…
Hello all, This past week was Patch Tuesday for Microsoft and several other vendors. Apparently feeling that it should be Patch Week instead of just one day, Juniper and VMware chose different days to unleash required fixes. There’s lots of…
Hello all, Apache had a bad week with two vulnerabilities, the first in Parquet, and the second in Tomcat. Ivanti has another zero-day, Apple updated a lot of items, CrushFTP has some drama going on, and Microsoft celebrated 50 years.…
(For a video version of the introduction below, click here) Hello all, Unlike last week’s patch-release frenzy, things dropped back to our normal harried pace this week. We did receive warnings about some pretty nasty defects from the likes of…
For a video version of the introduction below, click here. Hello all, This past Saturday, much of the world experienced Microsoft service disruptions. Big Redmond has now restored services, blaming the failure on a code change saying that they’ve “reverted…
(For a video version of the introduction below, go to my LinkedIn post.) Hello all, This was somewhat of an interstitial week with less headline defects and vulnerabilities, but it was balanced by plenty of other news items. Some of…